The Road to CEIC 2013: Cyber-Threat Response: Mitigate, Reduce, Reduce!

Jessica Bair The “Road to CEIC 2013” is a series of blog posts on all things CEIC, before, during, and after, from an insider’s point of view.

Last week, Darrell Arms and I presented a webinar and white paper on Incident Response: Six Best Practices for Managing Cyber Breaches. Executives are quickly understanding that it is virtually impossible to completely avoid a network breach. You need to be equipped to take immediate action when a breach occurs, as business operations must continue and network connectivity to the rest of the world is essential. As discussed in the blog post The Road to CEIC 2013: Cybersecurity 101, cybersecurity is a fast-growing field with many opportunities to contribute to a safer cyber world.

The Cyber-threat Response and Management track at @CEIC_Conf #CEIC will provide you with information to help you achieve three key business objectives:

1. Mitigate RISK
2. Reduce the TIME
3. Reduce the COST

Endpoint Incident Response

1. Mitigate the RISK of successful attacks through rapid validation, comprehensive scope assessment, and containment of security incidents
2. Eliminate the TIME delay between compromise, detection, and response
3. Reduce the COST and overhead of incident response by leveraging existing people and technologies

Endpoint Sensitive Data Discovery and Security

1. Mitigate the RISK of sensitive data in unauthorized locations
2. Reduce the TIME it takes to locate sensitive data and enforce regulatory and policy compliance
3. Reduce the COST associated with data discovery processes that don’t easily scale and lack definitive enforcement

One such presentation will be Responding to a Cyber Security Incident with Jasen Yens, Guidance Software consultant. Jasen will take you through steps of a cyber security incident, including the timeline of events and threat Identification; team development and coordination; best-of-breed tools for incident response; identification, tracking and eradication; what worked and what didn’t; and recommendations.

Another hot topic in cybersecurity is integration with best-of-breed tools for malware detection and incident response. Check out Speed Up Your IR Investigations with IOC's from FireEye with Sam Yoon of FireEye. In this session, you will learn to leverage threat-related information from FireEye MPS and your current EnCase knowledge to conduct faster, conclusive Incident Response investigations. Also, you will not want to miss to two sessions on the leading edge technology of EnCase® Cybersecurity: Endpoint Analytics with EnCase Cybersecurity and Shaking up the Security Stack: The Future of EnCase Cybersecurity. Look for more announcements on these presentations at CEIC.

Cyber-threat Response and Management track:

• Hunting for Unfriendly Easter Eggs
• A Year in the Life of an MD5
• Responding to a Cyber Security Incident
• You Can Panic now -- A DFIR Look at APT-Based Attack
• How the World will End: The Spy is in the Cybersphere
• Developing a Capability-Driven IR Program
• How CISOs and General Counsels are Quickly Becoming Best Friends
• Endpoint Analytics with EnCase Cybersecurity
• Speed Up Your IR Investigations with IOC's from FireEye
• Shaking up the Security Stack: The Future of EnCase Cybersecurity

The lab machine image is off for cloning by the hundreds; and the last of the lab and lecture presentations are arriving. Everything is coming together to make this an incredible conference. If you have not already registered, do so right away in order to ensure that you can attend the sessions that you most want to attend.

Jessica Bair
Senior Director, Curriculum Development
@jessicambair